[KLUG Members] auto-nullrouting

Jamie McCarthy jamie at mccarthy.vg
Wed Nov 23 11:27:07 EST 2005


bruce at armintl.com (Bruce Smith) writes:

> It's been my experience that the easiest solution is to simply
> change the port SSHD listens on to a high/non-standard port.  The
> dictionary attack bots only scan port 22.
> 
> I personally only allow SSH keys to login and turn off password
> authentication.

I'd rather not do either of those things, since I have other users
I'm letting use this machine of varying levels of technical
sophistication.  Alternate ports and key requirements will
probably guarantee me having to do (shudder) tech support.

> And if you really want to block, I have some netfilter (iptables)
> rules that will block port 22 for a while after detecting a high
> frequency of connections in a short period of time.

That's what I want to do, yes.  :)
-- 
  Jamie McCarthy
 http://mccarthy.vg/
  jamie at mccarthy.vg
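
The rate-based blocking discussed in this message, modelled as an added example; it is not part of the original post and is not the netfilter rules Bruce Smith refers to. The thresholds, function names and sample addresses are assumptions, and the connection events are constructed.

```python
from collections import defaultdict, deque

# Assumed policy values; the thread gives no numbers.
HITCOUNT = 4      # new connections from one source that trigger a block
WINDOW = 60       # seconds over which connections are counted
BLOCK_FOR = 600   # seconds the source stays blocked


def filter_connections(events, hitcount=HITCOUNT, window=WINDOW,
                       block_for=BLOCK_FOR):
    """Return (timestamp, src, verdict) for each new port-22 connection.

    A source that reaches `hitcount` connections inside `window` seconds
    is dropped from that connection on, for `block_for` seconds.
    """
    recent = defaultdict(deque)   # src -> timestamps still inside the window
    blocked_until = {}            # src -> time at which the block expires
    verdicts = []
    for ts, src in sorted(events):
        if ts < blocked_until.get(src, 0):
            verdicts.append((ts, src, "drop"))
            continue
        seen = recent[src]
        while seen and ts - seen[0] >= window:
            seen.popleft()        # forget connections older than the window
        seen.append(ts)
        if len(seen) >= hitcount:
            blocked_until[src] = ts + block_for
            seen.clear()          # start counting afresh once the block ends
            verdicts.append((ts, src, "drop"))
        else:
            verdicts.append((ts, src, "accept"))
    return verdicts


def blocked_sources(verdicts):
    """Sources that had at least one connection dropped."""
    return sorted({src for _, src, verdict in verdicts if verdict == "drop"})


# Constructed events (seconds, source address): one source reconnecting
# every two seconds, and one user logging in a few times over several minutes.
SAMPLE = [(0, "198.51.100.7"), (2, "198.51.100.7"), (4, "198.51.100.7"),
          (6, "198.51.100.7"), (8, "198.51.100.7"), (700, "198.51.100.7"),
          (0, "192.0.2.10"), (30, "192.0.2.10"), (200, "192.0.2.10"),
          (400, "192.0.2.10")]

if __name__ == "__main__":
    for ts, src, verdict in filter_connections(SAMPLE):
        print(f"{ts:>4}s {src:<14} {verdict}")
```

The user who connects occasionally is never counted past the window, so nothing changes for them: same port, same password login.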
